Cardless challenge systems and methods

ABSTRACT

Systems, methods, and apparatus for handling and/or authorizing payment requests by a consumer for a transaction are provided. Challenge questions may be presented from the non-merchant to the consumer after receiving the payment information, thereby allowing a judicious determination of when to ask such challenge questions and allowing complex and probative questions. The time limit for such challenge questions may advantageously be unconstrained, while still preserving security. Also, a risk analysis may be started prior to the consumer submitting payment information, thus allowing an efficient and complex risk analysis. Information about an access device used by the consumer may be obtained at the non-merchant from the access device with code sent to the access device from the merchant, and the device information may be used in the risk analysis.

CROSS-REFERENCES TO RELATED APPLICATIONS

The present application is a non-provisional application of and claimspriority to U.S. Provisional No. 60/946,113, filed on Jun. 25, 2007(Attorney Docket No.: 16222U-034600US and client ref. No. P-14181PRV)entitled “PAYMENT TRANSACTION SYSTEM AND METHOD,” and to U.S.Provisional No. 61/034,904, filed on Mar. 7, 2008 (Attorney Docket No.:16222U-036600US and client ref. No. P-14192PRV) entitled “SECURECHECKOUT AND CHALLENGE SYSTEMS AND METHODS,” the entire contents ofwhich are herein incorporated by reference for all purposes.

The present provisional application is related to commonly owned andconcurrently filed U.S. application Ser. No. ______ (Attorney DocketNo.: 16222U-036620US and client ref. No. P-14192US1), entitled “SYSTEMSAND METHODS FOR SECURE AND TRANSPARENT CARDLESS TRANSACTIONS,” and toU.S. patent application Ser. No. 11/763,240, filed on Jun. 14, 2007(Attorney Docket No.: 16222U-031600US and client ref. No. P-14082US)entitled “CONSUMER AUTHENTICATION SYSTEM AND METHOD,” the entirecontents of which are herein incorporated by reference for all purposes.

BACKGROUND

The present application is generally related to payment transactions,and more specifically to handling and/or authorizing payment requests bya consumer for a transaction.

Many Internet transactions are performed using credit, debit, or othertype of account number. If an unauthorized person is able to obtain theaccount number or other information used in a transaction, the accountmay be compromised. The result may be unauthorized withdrawals orcharges made by the unauthorized person. Most fraud occurs because ofcompromised merchants and acquirers who have received the accountinformation during the transaction.

Although other systems attempt to prevent the merchant from obtainingthe account number, such implementations require enrollment andextensive infrastructure changes. For example, in Google Checkout, amerchant must write new code to interface with a new entity, i.e.Google. Many additional requests and receiving of responses are added tothe infrastructure of the merchant web site, e.g., via a plug-in. Themerchant also needs to configure settings for the checkout, or monitor amerchant page in order to track an order. The merchant also has tocross-reference its order number with a unique identification numbergenerated by Google. Also, the consumer needs to enroll with Google toobtain the benefit of the Google Checkout procedure. All of these andother steps require a lot of work by the merchant and consumer, and at aminimum frustrate the adoption of Google Checkout, along with the lackof other features.

Additionally, additional steps may be performed to protect a card thatis compromised, stolen, or is being used without proper authorization ofthe cardholder. Prior methods attempt to authenticate the consumer inorder to prevent security risks, such as fraud. However, such attemptshave met with limited success. With the burgeoning growth of e-commerceand transactions conducted online, opportunities for payment card thefthave become more readily available. As a result, online payment cardfraud has also accordingly increased over the last few years. Despitemany prevention efforts, payment card fraud continues to account forannual losses in the range of hundreds of millions of dollars. Inaddition to losses incurred due to payment card fraud, transactions lostdue to false-positive declines (i.e., transactions that are incorrectlyidentified as fraudulent) also annually cost merchants and issuershundreds of millions of dollars in sales.

Furthermore, existing industry solutions that combat payment card fraudtend to be account- and issuer-oriented. In other words, individualissuers may employ different solutions to detect fraudulent activitieson their respective accounts and detection is at a single account level.As a result, payment card fraud that occurs across multiple accountsfrom multiple issuers often goes undetected. For example, it would bedifficult for an individual issuer to determine that an usually highnumber of payment cards used at a particular merchant have beencompromised and subject of fraud, since the fraud may only involve asmall number of payment cards issued by that individual issuer.

Additionally, a limited time is typically allowed for an authorizationto occur after a consumer has initiated the transaction, e.g.,submitting a payment request via button on a web page. Thus, mechanismsthat are used to authenticate the person, in order to prevent fraudulentactivity, have very little time to run. Thus, only very simplemechanisms have been achieved thus far.

Better ways to perform electronic financial transactions and toauthenticate consumers, particularly when the consumer is initiating atransaction over the Internet, are desirable. Embodiments of theinvention address the above problems, and other problems, individuallyand collectively.

BRIEF SUMMARY

Embodiments of the present invention provide systems and methods forhandling and/or authorizing payment requests by a consumer for atransaction. In one aspect, a challenge question is sent from thenon-merchant to the consumer subsequent to receiving from the consumer aconsumer message including payment information, which may be donedirectly. Thereby, additional authentication information may beobtained. Such additional authentication information can beadvantageously obtained when appropriate, and highly probative questionsmay be utilized, thereby providing greater security than previouslyavailable. In one embodiment, only after the challenge period would thenon-merchant authorize or send an authorization request to an issuer orsend payment information to another entity, thus the time limit of theauthorization request does not limit the challenge period. The result ofthe authorization may then be sent to the merchant as in conventionalmethods, thus not requiring the merchant to alter any other mechanismsor parts of its infrastructure.

In another aspect, a non-merchant server initiates a risk analysis priorto the consumer submitting payment information and calculates a firstrisk score based on the risk analysis. In this manner, a more efficientand/or complex risk analysis procedure may be implemented. In oneembodiment, challenge questions are presented to the consumer dependingat least partially on the first risk score.

In yet another aspect, the merchant serves an application (e.g. Web)page to the consumer, where the page includes code that sends deviceinformation from the consumer to the non-merchant. The deviceinformation may be advantageously used to begin a risk analysis inanticipation of receiving payment information from the consumer.

As used herein, the term “directly” can mean that the contents of amessage are not viewed by another entity during the path between thestated sender and receiver of the message. A direct transmission via anetwork, such as the Internet, will probably be sent through routers onits way to the receiver from the sender; however, such a transmission isstill direct. Although the message may be routed by a routing serverthat is part of the Internet backbone, such a server does not view thecontents. Also, as used herein, the term “server” can refer to acomputing system of one or more computers and network inputs and/oroutputs that act as portals for a local network to a larger (wider)network, such as the Internet. Also, as used herein, the term “based onX” can mean that an analysis, result, or other determination uses X in acalculation but that other factors may also be used. Also, as usedherein, the term “application page” may be a web page, a local page(e.g. a window) of an application running on a POS terminal, or anyother window, screen, or page through which an application receives,sends, or displays information to a consumer, including via textmessages.

Other embodiments of the invention are directed to systems, portableconsumer devices, and computer readable media associated with theabove-described methods.

These and other embodiments of the invention are described in furtherdetail below with reference to the Figures and the Detailed Description.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a block diagram of a system 20 according to an embodimentof the invention.

FIG. 2 shows a block diagram of one type of portable consumer device.

FIG. 3 shows a plan view of a second type of portable consumer device.

FIG. 4 shows a block diagram for a method 400 illustrating the flow ofdata during a transaction according to an embodiment of the presentinvention.

FIG. 5 shows a screen shot of a checkout page 500 according to anembodiment of the present invention.

FIG. 6 shows a block diagram of a method 600 illustrating the flow ofdata during a transaction where transaction information is sent from theaccess device to the payment processing network 26 according to anotherembodiment of the present invention.

FIG. 7 shows a block diagram for a method 700 illustrating the flow ofdata during a transaction where challenges are presented to the consumeraccording to an embodiment of the present invention.

FIG. 8 shows a screen shot of a checkout page 800 used for presentingchallenge questions to a consumer according to an embodiment of thepresent invention.

FIG. 9 shows a block diagram for a method 900 illustrating the flow ofdata during a transaction where a type of payment information is sent tothe merchant 22 from the payment processing network 26 according to anembodiment of the present invention.

FIG. 10 shows a block diagram for a method 1000 illustrating the flow ofdata during a transaction where a type of payment information is sent toan acquirer 24 from the payment processing network 26 according to anembodiment of the present invention.

FIG. 11 shows a block diagram of an exemplary computer apparatus usablewith system and methods according to embodiments of the presentinvention.

DETAILED DESCRIPTION

Embodiments of the present invention provide systems and methods forhandling and/or authorizing payment requests by a consumer for atransaction. Challenge questions may be presented from the non-merchantto the consumer after receiving the payment information, therebyallowing a judicious determination of when to ask such challengequestions and allowing for the possibility of asking more complex andprobative questions. The time limit for such challenge questions may notbe constrained. Also, a risk analysis may be started prior to theconsumer submitting payment information, thus allowing an efficient andcomplex risk analysis. Information about an access device used by theconsumer may be obtained at the non-merchant from the access device withcode sent to the access device from the merchant, and the deviceinformation may be used in the risk analysis.

I. System and Challenge Overview

FIG. 1 shows an exemplary system 20 according to an embodiment of theinvention. Other systems according to other embodiments of the inventionmay include more or less components than are shown in FIG. 1.

The system 20 shown in FIG. 1 includes a merchant 22 and an acquirer 24associated with the merchant 22. In a typical payment transaction, aconsumer 30 may purchase goods or services at the merchant 22 using aportable consumer device 32. The merchant 22 could be a physical brickand mortar merchant or an e-merchant. The acquirer 24 can communicatewith an issuer 28 via a payment processing network 26. The consumer mayinteract with the payment processing network 26 and the merchant throughan access device 34, such as a point of sale (POS) terminal, personalcomputer, and a mobile phone. The merchant 22 may also have, or mayreceive communications from, an access device 34 that can interact withthe portable consumer device 32, such as a debit card, credit card,smartcard, and a mobile phone.

In one aspect, communications to/from the merchant 22 are provided byone or more servers. A server may be any computer device that isconnected to the communication channels provided. As used herein, theterm merchant may be used interchangeably with a merchant server.Similar communications involving the acquirer and issuer may also use aserver.

As shown in FIG. 1, the payment processing network 26 may comprise aserver 26(a), which may comprise a challenge question engine 26(a)-1.The server 26(a) may also be in communication with a transaction historydatabase 26(b) and a challenge question database 26(c). The challengequestion engine 26(a)-1 may simply extract challenge questions from thechallenge question database 26(c). Alternatively or additionally, thechallenge question engine 26(a)-1 may generate challenge questions usinginformation in the transaction history database 26(b).

The challenge questions may be static or dynamic in nature, as isdescribed in U.S. patent application Ser. No. 11/763,240, filed on Jun.14, 2007 (Attorney Docket No.: 16222U-031600US) entitled “CONSUMERAUTHENTICATION SYSTEM AND METHOD,” which is incorporated by reference inits entirety for all purposes. For example, the challenge questionengine 26(a)-1 may receive an authorization request message, forexample, in response to a consumer's request to purchase goods. It maythereafter retrieve suitable questions from the challenge questiondatabase 26(c) or may generate suitable challenge questions on its own.For instance, in some cases, the challenge question engine 26(a)-1 mayretrieve the question “What is your mobile phone number?” from thechallenge question database 26(c) after receiving an authorizationrequest message from a particular consumer. Alternatively, the challengequestion engine 26(a)-1 may generate a dynamic question such as “Did youuse this credit card at McDonald's last night?” The informationpertaining to the particular restaurant that the consumer 30 was at thepreceding day could be retrieved from the transaction history database26(b).

The challenge question database 26(c) may be populated with questions ofany suitable type. The questions may relate to a past location (e.g.,the consumer's current home, the city that the consumer recentlyvisited) or current location (e.g., the current location of the storethat the consumer is currently at), the type or name of the merchantthat the consumer is presently visiting or has visited in the past, theconsumer's family or personal data (e.g., name, phone number, socialsecurity number, etc.), etc. The questions in the challenge questiondatabase 26(c) may be generated by the challenge question engine 26(a)-1and subsequently stored in the challenge question database 26(c). Aswill be described later, the challenge question engine 26(a)-1 maydetermine whether to ask a question and which questions to ask based ondevice information received from the access device 34 and/or theselection of items to purchase, or type of transaction involved.

Alternatively, or additionally, the challenge questions may be generatedfrom an external source and then subsequently stored in the challengequestion database 26(c). For example, the consumer 30 may use a browseron a personal computer or the like to supply specific challengequestions to the server 26(a) via a communication medium (not shown)such as the Internet.

In some embodiments, a consumer may determine the kinds and/or quantityof challenge questions to ask himself or herself. For example, theconsumer may specify that the consumer wants to be asked three challengequestions if the consumer visits a jewelry store, but only one questionif the consumer visits a fast food restaurant. The types of questionsposed by the consumer may be based on the merchant type, frequency ofpurchasing, etc. Some concepts relating to user-defined authorizationparameters are described in U.S. patent application Ser. No. 10/093,002,filed on Mar. 5, 2002, which is herein incorporated by reference in itsentirety for all purposes.

In preferred embodiments, the challenge questions are derived from pasttransaction data in the transaction history database 26(b). The consumer30 may conduct many, many transactions with the payment processingnetwork 26 (and/or the issuer 28) over time. This consumer transactioninformation may be stored in the transaction history database 26(b) overtime, and challenge questions may be generated using the transactioninformation. The past transaction information provides a good basis forauthenticating the consumer 30, since the consumer 30 will know aboutwhat transactions that the consumer 30 has conducted in the past. Forexample, the consumer 30 may have used his credit card to pay for ahotel room in New York the previous day, and on the next day may beasked a question such as “Did you stay at a hotel in New Yorkyesterday?” In another example, the consumer 30 may have purchased anitem that is more than $2000 the day before, and on the next day may beasked “Did you make a purchase for more than $2000 yesterday?” Thequestions/answers that are presented to the consumer 30 may be free formin nature and/or may include pre-formatted answers such as multiplechoice or true-false answers from which the user may select.

The description below describes a process where the consumer 30 buys anitem over the Internet through a personal computer, e.g. at home or atwork. However, in other embodiments the consumer may use an accessdevice at the merchant 22 to select the item, much in the same way as onthe Internet. For example, a consumer 30 may obtain items and scan themin to make the selection. In one embodiment, the application page (e.g.a web page) would then already be at the access device and thus wouldnot need to be sent. The scanning device could also communicate with aconsumer's phone, where either can communicate with the merchant 22, andthe payment processing network 26.

II. Secure and Convenient Transactions

Methods according to embodiments of the invention can be described withreference to FIGS. 1 and 4. In a typical purchase transaction, theconsumer 30 initiates a purchase of a good or service at a merchantserver 22 (e.g. through a merchant's website) using a portable consumerdevice 32 such as a credit card.

FIG. 4 shows a block diagram for a method 400 illustrating the flow ofdata during a transaction according to an embodiment of the presentinvention. In step 401, the items and the type of payment method areselected by the consumer 30. As part of a checkout request, thisinformation is sent from the access device 34 to the merchant server 22,also referred to as the merchant. For example, the consumer 30 picks thestock-keeping unit (SKU) number of items desired. In this example, theaccess device 34 may be a point of sale (POS) terminal at the merchant22.

In a pure Internet commerce transaction embodiment, the consumer 30 hasselected the items on a merchant's website by placing them in a shoppingbasket or similar part of the merchant's website. The consumer 30 isthen offered various payment options (also termed payment mechanismoptions herein). Then, once the consumer selects a particular paymentoption such as a particular credit card (e.g. VISA, MasterCard, AmericanExpress, or Discover), the above information (i.e., shopping basketinformation, and credit card information) is sent to the merchant 22.

In a POS (point of sale) terminal example, a consumer 30 may scan initems at a checkout kiosk. This effectively fills up a virtual shoppingbasket. The consumer 30 can then select a type of payment by making aselection on a display screen associated with the POS terminal.Alternatively, the consumer 30 may initiate a payment with the portableconsumer device 32, for example, by swiping a card through anappropriate slot in the POS terminal. In another example, the POSterminal may be a contactless reader, and the portable consumer device32 may be a contactless device such as a contactless card. The POSterminal can then identify the payment type and send informationregarding the type of transaction to the merchant 22.

In step 402, the merchant server 22 sends transaction information to thepayment processing network 26 or other non-merchant entity. Thetransaction information may be sent in a transaction message. In oneaspect, a server of the payment processing network 26 receives thetransaction information, as well as other messages and receiving othermessages mentioned herein.

The transaction information includes a merchant identification (ID), anamount of the transaction, and a correlation ID, which ties togethermessages associated with the same transaction. The correlation ID may bethe same ID that the merchant normally uses internally to track atransaction, which is advantageous, since the merchant 22 does not haveto create any additional infrastructure. The merchant 22 creates amessage and sends it (Method=“POST”) to the payment processing network26 in a process via a communication channel that is different than thecommunication channel that exists between the access device 34 and themerchant 22. Optionally, information relating to the items (e.g. SKU)selected may also be sent as part of the transaction info.

Note that this step typically involves sending credit card informationfrom the merchant 22 to the payment processing network 26. However, itis not necessary to do this at this point, particularly in embodimentswhere the merchant 22 does not receive the credit card information. Forexample, in some cases, only information related to the shopping basketis sent. This information may just be the amount of the transaction, butalso may include information about the items selected, which may be usedto select challenge questions as described below. For example, an itembeing purchased may be an item that the consumer 30 does not normallypurchase and/or the merchant 22 may have a reputation for being a riskymerchant (e.g., past fraud has been associated with the merchant).

In step 403, a checkout page, or other type of application page, with amapping to the payment processing network 26 is sent to the accessdevice 34. The page may be sent in response to the consumer 30 selectingan option to check out with the items selected in the virtual shoppingcart. In one embodiment, the merchant 22 serves a checkout page to theconsumer 30, where the checkout page has a “Submit Payment” button (orother mapping element) that has a destination address mapped to thepayment processing network 26 The destination address can be mapped toone or many computer apparatuses in the payment processing network 26.

In step 404, payment information is sent from the access device 34 tothe payment processing network 26 or other non-merchant entity. Thepayment information may be sent via a consumer message from the accessdevice, which may be done by any suitable protocol. A consumer messagemay be any message sent from the consumer via any device used by theconsumer (e.g. access device 34).

The payment information includes account information (such as theaccount number or other account identifier) of the consumer's account tobe used for the transaction, and may include other numbers such as thecredit card verification (CCV) number. In one embodiment of theinvention, the payment information is obtained from the consumerentering data into the checkout page. A purpose of sending theidentified consumer account is so that the account may be used as afunding source for the transaction, e.g., to buy selected items orotherwise send money to another individual or business.

In another embodiment of the invention, the payment information isobtained from the consumer 30 initiating the transaction with theportable consumer device 32, for example, at a POS terminal (acting asthe access device 34). Similarly, for this transaction, the destinationof the account information is the payment processing network 26. Theaccess device 34 can be programmed to permanently erase the accountinformation once the transaction is complete.

As the account information is advantageously not sent to the merchant22, there is not a risk of a security breach at the merchant 22, whichcan cause a compromise in consumer's information (e.g., credit cardinformation).

In one embodiment, the receiver of the account information (i.e.non-merchant, payment processing network 26) already is aware of theaccount information. In one aspect, the credit card is created at leastpartially through or in cooperation with the entity that administers orruns the payment processing network 26 (e.g. a credit card provider).For example, the payment processing network 26 may create a portion ofthe account identifier as a Bank Identification Number (BIN) that isassociated with the issuer 28. Accordingly, during the transaction, nonew entities may become aware of the account information, and theaccount information is held by a minimum number of entities. In anotherembodiment, the payment processing network 26 can perform clearing andsettlement services. In yet another embodiment, the payment processingnetwork 26 is able to send the account information directly to theissuer 28.

In step 405, an authorization request message is sent from paymentprocessing network 26 to the issuer 28. Note that the merchant 22 doesnot provide an authorization request message in the example shown. Instep 406, the issuer 28 responds to the authorization request, which wasinitiated by the payment processing network 26.

In step 407, the payment processing network 26 creates and sends astatus message, which contains the correlation ID and the status of thetransaction, e.g., whether or not the transaction is a success (withreceipt) or failure. Accordingly, the merchant server 22 does not seethe account information in this embodiment. In some embodiments, thestatus information may also include the transaction amount and/or itemsto be purchased, e.g., when the merchant 22 has not received thisinformation yet. The status message is one type of a funding messagethat is sent from the payment processing network 26 to the merchantserver 22. A funding message may be any message sent from a non-merchantserver (such as payment processing network 26) to a merchant server 22.

Normally, in a conventional transaction, the merchant 22 would receivean authorization response from the acquirer 24, which would be inresponse to the merchant 22 sending an authorization request messageafter receiving the payment information. In the embodiment of FIG. 4,the merchant 22 still receives an authorization response message in theform of the status information. The merchant 22 has the convenience ofstill using this same mechanism after it has matched the correlation IDwith the items selected, thus providing simple mechanisms for merchantsto adopt more secure methods of conducting transactions.

In step 408, a receipt or confirmation of the transaction may be sent tothe consumer 30. As shown, the receipt is sent from the merchant 22 tothe consumer 30. In another embodiment, the payment processing network26 may also send the consumer 30 the receipt.

Specific embodiments of how the payment information is directed to thepayment processing network 26 will now be described.

III. Adoption of Secure Transactions

It is desirable to make it easy for merchants and consumers to adopt thesecure transaction processes described herein. Unless the parties of thetransaction can perform secure transactions with little or no effort ontheir part, the secure transaction are less likely to be adopted. If thesecure transactions are not adopted, fraud cannot be reduced.Accordingly, the embodiments described herein are easy to use and arelikely to be adopted.

FIG. 5 shows a screen shot of a checkout page 500 according to anembodiment of the present invention. The checkout page 500 is served tothe consumer 30 (e.g., via an access device that the consumer isoperating) from the merchant 22 (e.g., from a merchant's web server).This may occur after the consumer 30 has selected items and activated ageneral checkout button (checkout request) on the merchant's website orat the merchant's POS terminal. The information relating to the selecteditems may then be transferred from a previous page to page 500. Thus,page 500 may already have all or some of the items and quantityinformation filled in. In another example, the page is presented on aPOS display and the items are shown once an item is scanned.

The frame 510 of the window 500 shows the selections made by theconsumer. For example, the consumer may have chosen 1 set of Golf Clubs,5 Golf Tees, and 1 pair of Golf Shorts. The quantity and price(individual and total) for each of the items may be displayed. The frame520 includes options for selecting the type of payment mechanismdesired, such as different types of credit/debit cards or other paymentoptions. The payment frame 530 includes a place to input paymentinformation, such as the name and address of the payee, the account(card) number and a credit card verification number, if applicable. TheSubmit Payment button 535 causes the payment information to be sent toeither the merchant 22 or the payment processing network 26 depending onwhich payment option was selected. In one embodiment, the payment frame530 does not appear until the payment type is selected.

When the consumer clicks on the option A 525, the shopping basketinformation from frame 510 is sent to the merchant 22 as described forstep 401. Option A 525 may be a stand alone button as shown, or it maybe chosen from a drop-down list or from some other list. When option A525 is selected, the destination of the payment information when thesubmit payment button 535 is pressed is the payment processing network26. Thus, the payment information may be sent directly to the paymentprocessing network 26. The submit payment button 535 and the paymentoptions 525 and 527 are payment objects of the application page.

In one embodiment, the destination of the submit payment button 535 ischanged to the payment processing network 26. In another embodiment, thedestination of the submit payment button 535 can start out being thepayment processing network 26, and thus the destination stays the same.In yet another embodiment, the destination address has no set value andthe destination is set to be the payment processing network 26.

Option A 525 may be a single option or it may be a subset of options,e.g., a subset of four different options. In one embodiment, these fouroptions correspond to different payment mechanisms that can be processedby the payment processing network 26. For example, a set of credit cards(such as VISA and MasterCard) may be processed by payment processingnetwork 26.

In one embodiment, the destination of the submit payment button 535 ischanged by a new payment frame 530 being sent from the merchant 22 tothe access device 34. The new payment frame 530 has the “Submit Payment”button 535 with a destination mapped to the network 26. This may be theonly change to the frame so that as far as the consumer is concerned,the page has not changed. In another embodiment, the new payment frame530 may have a different presentation with different fonts, locations toinput the payment information, different payment information to enter,and different logos or advertising.

As to changes that are needed to be implemented by the merchant 22, theoption A button can have functionality for sending the shopping basketinformation of frame 510 to the merchant 22. Also, the merchant 22 canhave the destination of submit payment 535 changed. The change may bedone by sending over a new piece of HTML or other code, or having thedestination change dynamically based on code originally sent with thepage, when the checkout process was initiated by the consumer 30.

In one embodiment, the new payment frame 530 is sent by the merchant 22as an IFrame (an HTML element) that points to a location within thepayment processing network 26, and the payment frame 530 is served fromthe payment processing network 26. In this case, the new payment frame530 is sent from payment processing network 26. For example, once theIFrame is received by the access device 34, it then submits a request tothe payment processing network 26 for the display information for theIframe.

Advantageously, the consumer 30 does not have to enroll into a programor create an account to conduct secure transactions. As noted above,payment information can be sent automatically to the payment processingnetwork 26, even though the consumer 30 does not supply a usernameand/or password. A secure checkout is automatically performed when thepayment option 525 is chosen. Accordingly, it is likely that consumerswill adopt embodiments of the invention, since it is easy and convenientto use.

In one embodiment of the invention, as far as the consumer 30 knows, thepayment information is still sent to the merchant 22. Thus, this stepcan be transparent to the consumer. For example, the URL in the browserthat is used by the consumer would not change and the rest of the pagealso would not change. In other words, the change in the destination ofthe submit payment button 535 can be hidden from the consumer 30, sothat the consumer's shopping experience is the same as it has been inthe past.

When the consumer 30 selects other options 527, then the transaction mayproceed as normal. For example, the destination of the submit paymentbutton 535 would still be directed to the merchant 22. An authorizationrequest message would be sent from the merchant 22, to the paymentprocessing network 26, and back to the issuer 28 in some embodiments.Also, the virtual shopping basket information may not be sent to themerchant 22 when the button 527 is activated, but the virtual shoppingbasket information may be sent when the submit payment button 535 ispressed.

As mentioned above, the change or selection of the destination of the“submit payment” button 535 may be performed with code sent to theaccess device 34 operated by the consumer 30 in the initial serving ofthe page 500. Also, the transmission of the transaction information maybe different from method 400.

FIG. 6 shows a block diagram of a method 600 illustrating the flow ofdata during a transaction where transaction information is sent from theaccess device 34 to the non-merchant, payment processing network 26according to another embodiment of the present invention. Method 600shows other embodiments where the initial checkout page 500 includescode for sending payment information to the network 26 when the option A525 is chosen and/or where the transaction information is sent from theaccess device 34 to the payment processing network 26, as opposed tobeing sent from the merchant 22 to the payment processing network 26.

In step 601, a checkout page (e.g. page 500) is served from the merchant22 to the access device 34 operated by the consumer 30. The checkoutpage 500 may have a place for the consumer 30 to select the items or mayalready have all or some of the item and quantity information filled in,which may be transferred from a previous page. In one embodiment, thischeckout page 500 includes logic to select among a plurality ofdestinations for the payment information to be sent once a submitpayment element (e.g. 535) is activated. The selection is based on thepayment type selected. This may be done with IF statements, a CASEstatement, or similar logic.

In one embodiment of the invention, the payment option A 525 has adestination mapped to the payment processing network 26. Thus, in step602 at least some of the transaction information is sent to the paymentprocessing network 26 (without first being sent to the merchant 22) whenpayment option 525 is selected (e.g., clicked). This transactioninformation includes at least the amount of the transaction, and amerchant ID or merchant identifier. The transaction information may alsoinclude a transaction or correlation ID, which was sent by the merchant22 in page 500 or that was created at the access device 34, e.g., bycode embedded in page 500. If the correlation ID is created at theaccess device 34, then the correlation ID may be sent from the accessdevice 34 to the merchant 22, e.g. in step 603 or in another step.

The payment option A 525 may also have a destination mapped to themerchant server 22 so that the same transaction information is also sentto the merchant server 22 in an optional step 603. If this informationis sent to the merchant 525, the payment frame may be served from themerchant 22 as described in FIG. 4. The payment frame may be of auniversal type or the merchant can specify one that is designed to it(e.g. includes branding that it desires). Alternatively, the paymentprocessing network 26 can provide its own branding.

In the embodiment shown in FIG. 6, the web page 500 already includes theIFrame to retrieve the payment page 530 from the network 26. Once theoption 525 is chosen, the code in the checkout page 500 automaticallyknows to obtain a new payment frame 530 from the payment processingnetwork 26.

Thus, in step 604, the payment frame is sent from the payment processingnetwork 26 to the access device 34. This payment frame has a “SubmitPayment” element (e.g. 535) directed to the network 26.

Accordingly, in one embodiment, information regarding the payment typeis not received by the merchant 22. The page sent to the consumer viathe access device 34 when a general checkout is requested may alreadyhave a mapping of the submit payment element to payment processingnetwork 22 even though the consumer has not selected the form of paymentyet. Once the consumer 30 has selected the payment option A, the link tothe payment processing network 26 is established using the mapping thathas already been sent. In one aspect, information indicating that thepayment network 26 was chosen is sent to the merchant 22.

The rest of the steps of method 600 may be performed as the comparablesteps in method 400, or as described herein. For example, step 606 cansend an authorization request to issuer 28; step 607 can send back theauthorization response from the issuer 28; and step 608 can send thestatus information to merchant 22.

In one embodiment, the status information sent in step 608 can includethe amount of the transaction and the items selected as the merchant 22may not be aware of this information if step 603 is not performed. Instep 609, a receipt or confirmation of the transaction may be sent tothe consumer 30.

In one embodiment, an entity associated with the payment processingnetwork 26 can incentivize the use of embodiments of the invention byproviding a discount in a fee charged to the merchant 22 if the merchant22 uses embodiments of the invention.

IV. Complex Challenges and Risk Analysis

The ability of payment processing network 26 to obtain paymentinformation from the access device 34 and not from the merchant 22allows challenges to be presented from the payment processing network 26to the consumer and the types of challenges can be more complex thanthose previously available. For instance, more time can be madeavailable for challenges, thus allowing more challenges and morespecific and complex questions.

FIG. 7 shows a block diagram for a method 700 illustrating the flow ofdata during a transaction where challenges are presented to the consumeraccording to an embodiment of the present invention. Method 700 presentsa process flow similar to method 400 for the first few steps. However,in other embodiments, the first few steps may be similar to that ofmethod 600 or other methods described herein.

In step 701, the items selected by the consumer 30 and the type ofpayment method are sent from the access device 34 to the merchant server22. In step 702, the merchant server 22 sends the transactioninformation to the payment processing network 26 or other non-merchantentity. In one embodiment, the transaction information includes amerchant identification (ID), an amount of the transaction, and acorrelation ID, which ties together messages associated with the sametransaction. As mentioned above, the payment information may also besent from the access device 34 directly to the payment processingnetwork 26.

In step 703, a checkout page with a mapping to the payment processingnetwork 26 is sent to the access device 34. This page may be sent inresponse to the consumer 30 selecting an option to checkout (e.g. acheckout request) with the items selected in the shopping cart. In oneembodiment, the merchant 22 serves a checkout page to the consumer,where the checkout page has a “Submit Payment” button that has adestination address mapped to one or more computer apparatuses (e.g.servers) in the payment processing network 26.

In step 704, device information may be obtained. In one embodiment, thisoccurs before the account information is sent. Device information mayinclude an IP address for the access device 34, an operating system ofthe access device 34, a private value (such as a hash or other encryptedvalue) resulting from code running on the access device 34, or any othertype of information correlated to a computing device. In one embodiment,the merchant 22 serves a checkout page to the consumer 30, where thecheckout page has a “Submit Payment” button mapped to the paymentprocessing network 26,and renders an Iframe for device informationcollection, with a correlation ID reference. This is discussed in moredetail below. In one aspect, when the payment processing network 26 ischosen, the device information is sent and also then the items andamount are sent, either by the merchant 22 or the consumer 30.

In one embodiment, the device information is saved in a database orother storage device accessible to the payment processing network 26.The device information can be stored associated with a particularconsumer and/or a particular consumer account. In this manner, thedevice information for a current transaction can be compared to thedevice information for previous transaction, which can be used incalculating a risk score as described herein. The database of deviceinformation may also include information based on the items that theperson has purchased. The information in the database may then be usedto deliver an offer to the consumer. For example, if a computer (accessdevice) is known to be of a certain age and the location of the computeris known to be near a particular store, a coupon for that store(possibly targeted specifically for computers) may be sent to theconsumer via post mail, e-mail, or mobile application (such as SMS orMMS).

In one embodiment, a merchant ID and the correlation ID are sent whenthe device information is sent. In one aspect, a specific device serveris used in the collection that is different from the server used toverify the transaction.

The device information may also include a user unique ID (UUID), whichis not the account number. The device server may also requestDNA/pebbles through the user's browser based on the UUID. The deviceserver can then push results to the application tier. The deviceinformation may be filed in a local flat activity in, e.g., an XMLformat.

The use of IFrames allows the device collection to work transparentlyand to not be compromised by browser controls, such as pop up blockers.In one embodiment, if the device server is not available then a“function not available” message is sent to the application server sothat the transaction is not disrupted, thus allowing the user'sexperience to always be seamless.

In step 705, payment information is sent from the access device 34 tothe payment processing network 26 or other non-merchant entity. Thepayment information includes the account number of the consumer, and mayinclude other numbers such as the credit card verification (CCV) number.As mentioned above, the access device 34 may be a personal computingdevice (e.g. computer, phone, PDA, etc.) of the consumer 30, or theaccess device 34 may be associated with a retail establishment, such asa POS terminal.

The payment processing network 26 may use the device information or thetransaction information to initiate a risk analysis of the transaction.For example, if the IP address is not in the country, then thetransaction would be riskier, or if it is an IP address never usedbefore, e.g., not your home or work computer. Mechanisms may alsodetermine whether an IP address is being spoofed.

Initiating a risk analysis can refer to the start of a risk analysis,parts of which may be partially performed by another entity, or actualperformance of the risk analysis.

Also, if an item, the items taken as a whole, or the amount are unusualfor the consumer 30 to purchase, then the transaction may becharacterized as risky. Past transaction information may be used todetermine whether or not an item is an unusual purchase for the consumer30. Other information may also be used, such as the person's age,location of residence, or other information. For example, if theconsumer 30 is 75 years old and purchased a hang glider, then thetransaction might be characterized as risky.

A risk score that represents an account level risk associated with thecorresponding transaction may be calculated from any of the informationabove. Additional discussion for the calculation of a risk score can befound in U.S. Pat. No. 6,658,393 and U.S. patent application Ser. No.10/863,813, entitled “Method and System for Providing Risk Informationin Connection With Transaction Processing” (Attorney docket No.16222U-015810US) by Bruesewitz et al. A transaction with a high initialrisk score compared to a threshold criteria may be supplemented viachallenge questions submitted to the consumer.

In step 706, a challenge message is sent to the consumer 30. Forexample, when the device, item, consumer info, or other informationsuggests that the transaction being conducted is risky, then challengequestions may be presented in order to increase the security. Themessages may be in the form of challenge questions. Examples ofchallenge questions may include questions about the consumer's zip code,mother's maiden name, or more specific questions such as past purchases,etc.

The challenges may be sent to the access device 34 from which theaccount information was received, or it may be another device associatedwith the consumer, e.g., the consumer's mobile phone when it is not usedas the access device 34. In one embodiment, a code is sent to theconsumer's mobile phone, and the challenge question requests an input ofthe code. In one aspect, the code may be redeemable for a discount onthe current transaction or a future transaction. This code may be sentbefore the payment mechanism is shown, thus incentivizing use of apayment mechanism that is compatible (processable) by the network 26(e.g. option A 525).

In step 707, the consumer responds to the challenge question, e.g.providing a challenge answer. The process of sending challenge questionsand receiving challenge answers may be repeated.

After the challenge response has been validated as being correct orincorrect, a risk score may be provided to the issuer 28 for use indetermining whether to authorize the transaction. The risk score mayaccount for correctness of the challenge response, the place ofpurchase, the history of the card, the amount of the purchase, or anycombination of the other criteria mentioned herein. Thus, if anincorrect response is provided, the transaction is not necessarilydenied. Also, more than one challenge can be used. If two challenges areused and the response to both are wrong, then there would be a greaterchance that person would be turned down, i.e. a greater risk score. Ifone is wrong and the other right, then the total contribution to therisk score from the challenges may be zero or dependent on theconfidence score (see below) of each challenge. One skilled in the artwill appreciate the different contributions arising from multiplechallenge questions.

Some challenge questions may be more reliable (confidence score) thanother ones. The more reliable challenge questions may affect the riskscore more. Thus, a more accurate and efficient risk score may beachieved. In one aspect, the confidence score may be used as a weightingin determining the overall risk score, or similarly whether the user isconsidered to be authenticated.

In one embodiment, the limited time for the authorization to occur aftera consumer has initiated the transaction, e.g., submitting a paymentrequest via button on a web page, does not begin until the authorizationrequest is sent to the issuer 28. Thus, as many challenge questions maybe presented as desired. Thus, more complicated mechanisms may beachieved.

In step 708, the authorization request message is sent from the paymentprocessing network 26 to the issuer 28. Additional steps may beperformed as in methods 400 or 600, or other methods described herein.The presentation of the challenge questions can be made to integratewith the checkout page presented to the consumer 30, as described in theembodiment below.

FIG. 8 shows a screen shot of a checkout page 800 used for presentingchallenge questions to a consumer according to an embodiment of thepresent invention. In one embodiment, checkout page 800, or other typeof application page, has a similar layout compared to the checkout page500. The items 810-827 may have the same functionality as thecorresponding items of checkout page 500. Option A 825 may also haveenhanced functionality.

In one embodiment, embedded software, such as a hidden frame, isincluded in the checkout page 800 when it is sent to the consumer. Thiscode may be used to initiate the device information collection process.The code may be directly included in the page 800 or a link to the codemay be included. An exemplary line of a link to the code sent from themerchant 22 to the access device 34 is <iframesrc=‘http://www.ivisa.com/zfp_visa/php? Merchid=2000$corrid=123’height=1 width=1 frameborder=0 scrolling=no></iframe>. The deviceinformation may be sent at anytime after the page 800 is served to theconsumer. For example, it may be immediately after the page is served,i.e. before the Option A 825 is activated. In another embodiment, thedevice information is sent to the network 26 after the option A 825 isactivated, which selects the preferred payment processing network 26, orpayment processing organization (e.g., Visa).

Also, after the option A 825 is chosen, the network-specific frame 830,which may use an IFrame, is presented to the consumer 30. The submitpayment button 835 has a destination address linked to the paymentprocessing network 26. After the submit payment button 835 is activated,a challenge question 840 may appear, along with a text box 845 forentering an answer to the challenge question 840. After any of thesebuttons or boxes are activated, they may disappear, as signified by thedotted lines. The challenge questions and answers may be used todetermine or alter a risk score as defined above. In one embodiment, theincorrect answers may be used to immediately deny the transaction.

The frame 830 may also be used to provide the feedback of whether thetransaction is approved or not, e.g., via a box 850.

The device information may also include information as to the type ofbrowser being used. This information may be used to determine how toprovide the frame 830 and the challenge questions. For example, byknowing the browser capabilities, the code may be served in a mannerthat is easily displayable and functional with the browser of theconsumer. For example, different code may be used based on whether ornot the access device is using a browser of a mobile phone.

V. Additional Process Flows

In some embodiments, the organization and processing of theauthorization may differ from the embodiments presented above. Thepayment processing network 26 does not always send an authorizationrequest message to the issuer 28. For example, after the paymentprocessing network 26 has received the payment information, e.g. in step404, or after the payment processing network 26 has finishes thechallenge process, e.g. after step 707, the payment processing network26 can send some type of payment information to the merchant, a merchantacquirer, or a general use acquirer.

FIG. 9 shows a block diagram for a method 900 illustrating the flow ofdata during a transaction where a type of payment information is sent tothe merchant 22 from the payment processing network 26 according to anembodiment of the present invention. Steps before step 904 may occur asdescribed herein.

In step 904, payment information is sent from the access device 34 tothe payment processing network 26 or other non-merchant entity. Thepayment processing network 26 may initiate a challenge process with theconsumer 30, continue with a risk analysis, or perform other steps asdescribed herein or known to one skilled in the art. In one embodiment,the payment information includes an account identifier for the accountto be used for the transaction.

In step 905, payment information is sent from the payment processingnetwork 26 (e.g. a server of a non-merchant entity) to the merchant 22.The payment information may be sent as one type of a funding messagethat is sent from the payment processing network 26 to the merchant 22.

In one embodiment, the information sent in this step may include a sameaccount identifier as received in step 904 or it may include a differentpayment identifier. For example, the payment processing network 26 cancreate a new or artificial PAN (primary account number) or code from anysymbols (possibly at random) and can associate that number with thecredit card number received in step 904. The new number may be of thesame size (e.g. # of characters) as the actual PAN.

In this manner, the merchant 22 still does not receive the actual creditcard number of the consumer. The new number may also only be associatedwith the credit card number for a limited time (i.e. temporary), thuspreventing that number to be used again. In one embodiment, the newnumber can have a prefix or other part that signifies that it is not areal card number but an artificial one created for the purpose above.

In step 906, the merchant 22 sends a first authorization request messageto the acquirer 24. In step 907, after the acquirer 24 receives thefirst authorization request message, the first authorization requestmessage is then sent to the payment processing network 26. At thispoint, the payment processing network 26 can match the new number withthe actual account number of the customer.

In step 907, the payment processing network 26 then, if necessary,forwards the authorization request message with the account number andamount to the issuer 28 (step 908). This step is not necessary, e.g.,when the payment processing network 26 is also the issuer of theconsumer account.

In step 909, the issuer 28 responds to the authorization requestmessage. For example, the issuer 28 may accept the transaction ordecline the transaction, or may refer the transaction. In step 910, thepayment processing network 26 forwards the authorization response to theacquirer 24, which then forwards the authorization results (step 911).Finally a receipt may be sent to the consumer (step 912).

FIG. 10 shows a block diagram for a method 1000 illustrating the flow ofdata during a transaction where a type of payment information is sent toan acquirer 24 from the payment processing network 26 according to anembodiment of the present invention. Steps before step 1004 may occur asdescribed herein.

In step 1004, payment information is sent from the access device 34 tothe payment processing network 26 or other non-merchant entity. Thepayment processing network 26 may then perform a challenge process withthe consumer 30, continue with a risk analysis, or perform other stepsas described herein or known to one skilled in the art.

In step 1005, payment information is sent from the payment processingnetwork 26 (e.g. a server of a non-merchant entity) to an acquirer 24.In one embodiment, the information sent in this step may include a sameaccount identifier as received in step 904 or it may include a differentpayment identifier as described above. In one embodiment, acquirer 24may be an acquirer chosen or associated with the merchant 22, and thuseach merchant may have a different acquirer. In another embodiment, thepayment processing network 26 may use the same acquirer 24 for alltransactions, or at least the same acquirer for a group of merchants.

In step 1006, the acquirer 24 sends a first authorization requestmessage to the network 26. At this point, a server computer in thepayment processing network 26 can match the new number with the actualaccount number of the customer.

In step 1007, the payment processing network 26 then, if necessary,forwards the authorization request message with the account number andamount to the issuer 28 (step 908). This step is not necessary, e.g.,when the payment processing network 26 is also the issuer of theconsumer account.

In step 1008, the issuer 28 responds to the authorization requestmessage. For example, the issuer 28 may accept the transaction ordecline the transaction, or may refer the transaction. In step 1009, thepayment processing network 26 forwards the authorization responsemessage to the acquirer 24, which then responds with the authorizationresults to the network 26 (step 1010). In step 1011, the paymentprocessing network 26 can then send status information to the merchant22 as in step 407. Finally a receipt may be sent to the consumer fromthe merchant 22 (step 1012). Alternatively, the payment processingnetwork 26 can send the receipt to the consumer 30, e.g., in parallelwith status information sent to the merchant 22.

VI. Various Embodiments

As used herein, an “acquirer” is typically a business entity, e.g., acommercial bank that has a business relationship with a particularmerchant or an ATM. An “issuer” is typically a business entity (e.g., abank) which issues a portable consumer device such as a credit or debitcard to a consumer. Some entities can perform both issuer and acquirerfunctions. Embodiments of the invention encompass such single entityissuer-acquirers.

The consumer 30 may be an individual, or an organization such as abusiness that is capable of purchasing goods or services. In otherembodiments, the consumer 30 may simply be a person who wants to conductsome other type of transaction such as a money transfer transaction or atransaction at an ATM.

The portable consumer device 32 may be in any suitable form. Forexample, suitable portable consumer devices can be hand-held and compactso that they can fit into a consumer's wallet and/or pocket (e.g.,pocket-sized). They may include smart cards, ordinary credit or debitcards (with a magnetic strip and without a microprocessor), keychaindevices (such as the Speedpass™ commercially available from Exxon-MobilCorp.), etc. Other examples of portable consumer devices includecellular phones, personal digital assistants (PDAs), pagers, paymentcards, security cards, access cards, smart media, transponders, and thelike. The portable consumer devices can also be debit devices (e.g., adebit card), credit devices (e.g., a credit card), or stored valuedevices (e.g., a stored value card).

The access devices 34 according to embodiments of the invention can bein any suitable form. Examples of access devices include point of sale(POS) devices, cellular phones, PDAs, personal computers (PCs), tabletPCs, handheld specialized readers, set-top boxes, electronic cashregisters (ECRs), automated teller machines (ATMs), virtual cashregisters (VCRs), kiosks, security systems, access systems, and thelike.

If the access device 34 is a point of sale terminal, any suitable pointof sale terminal may be used including card readers. The card readersmay include any suitable contact or contactless mode of operation. Forexample, exemplary card readers can include RF (radio frequency)antennas, magnetic stripe readers, etc. to interact with the portableconsumer devices 32.

The access device 34 may also be a wireless phone. In one embodiment,the portable consumer device 32 and the access device are the samedevice. For example, a consumer may use a wireless to phone to selectitems to buy through a browser.

When the access device 34 is a personal computer, the interaction of theportable consumer devices 32 may be achieved via the consumer 30 oranother person entering the credit card information into an application(e.g. a browser) that was opened to purchase goods or services and thatconnects to a server of the merchant, e.g. through a web site. In oneembodiment, the personal computer may be at a checkout stand of a retailstore of the merchant, and the application may already be connected tothe merchant server.

An exemplary portable consumer device 32′ in the form of a phone maycomprise a computer readable medium and a body as shown in FIG. 2. (FIG.2 shows a number of components, and the portable consumer devicesaccording to embodiments of the invention may comprise any suitablecombination or subset of such components.) The computer readable medium32(b) may be present within the body 32(h), or may be detachable fromit. The body 32(h) may be in the form a plastic substrate, housing, orother structure. The computer readable medium 32(b) may be a memory thatstores data and may be in any suitable form including a magnetic stripe,a memory chip, etc. The memory preferably stores information such asfinancial information, transit information (e.g., as in a subway ortrain pass), access information (e.g., as in access badges), etc.Financial information may include information such as bank accountinformation, bank identification number (BIN), credit or debit cardnumber information, account balance information, expiration date,consumer information such as name, date of birth, etc. Any of thisinformation may be transmitted by the portable consumer device 32.

Information in the memory may also be in the form of data tracks thatare traditionally associated with credits cards. Such tracks includeTrack 1 and Track 2. Track 1 (“International Air Transport Association”)stores more information than Track 2, and contains the cardholder's nameas well as account number and other discretionary data. This track issometimes used by the airlines when securing reservations with a creditcard. Track 2 (“American Banking Association”) is currently mostcommonly used. This is the track that is read by ATMs and credit cardcheckers. The ABA (American Banking Association) designed thespecifications of this track and all world banks must abide by it. Itcontains the cardholder's account, encrypted PIN data, plus otherdiscretionary data.

The portable consumer device 32 may further include a contactlesselement 32(g), which is typically implemented in the form of asemiconductor chip (or other data storage element) with an associatedwireless transfer (e.g., data transmission) element, such as an antenna.Contactless element 32(g) is associated with (e.g., embedded within)portable consumer device 32 and data or control instructions transmittedvia a cellular network may be applied to contactless element 32(g) bymeans of a contactless element interface (not shown). The contactlesselement interface functions to permit the exchange of data and/orcontrol instructions between the mobile device circuitry (and hence thecellular network) and an optional contactless element 32(g).

Contactless element 32(g) is capable of transferring and receiving datausing a near field communications (“NFC”) capability (or near fieldcommunications medium) typically in accordance with a standardizedprotocol or data transfer mechanism (e.g., ISO 14443/NFC). Near fieldcommunications capability is a short-range communications capability,such as RFID, Bluetooth™, infra-red, or other data transfer capabilitythat can be used to exchange data between the portable consumer device32 and an interrogation device. Thus, the portable consumer device 32 iscapable of communicating and transferring data and/or controlinstructions via both cellular network and near field communicationscapability.

The portable consumer device 32 may also include a processor 32(c)(e.g., a microprocessor) for processing the functions of the portableconsumer device 32 and a display 32(d) to allow a consumer to see phonenumbers and other information and messages. The portable consumer device32 may further include input elements 32(e) to allow a consumer to inputinformation into the device, a speaker 32(f) to allow the consumer tohear voice communication, music, etc., and a microphone 32(i) to allowthe consumer to transmit her voice through the portable consumer device32. The portable consumer device 32 may also include an antenna 32(a)for wireless data transfer (e.g., data transmission).

If the portable consumer device is in the form of a debit, credit, orsmartcard, the portable consumer device may also optionally havefeatures such as magnetic strips. Such devices can operate in either acontact or contactless mode.

An example of a portable consumer device 32″ in the form of a card isshown in FIG. 3. FIG. 3 shows a plastic substrate 32(m). A contactlesselement 32(o) for interfacing with an access device 34 may be present onor embedded within the plastic substrate 32(m). Consumer information32(p) such as an account number, expiration date, and consumer name maybe printed or embossed on the card. Also, a magnetic stripe 32(n) mayalso be on the plastic substrate 32(m).

As shown in FIG. 3, the portable consumer device 32″ may include both amagnetic stripe 32(n) and a contactless element 32(o). In otherembodiments, both the magnetic stripe 32(n) and the contactless element32(o) may be in the portable consumer device 32″. In other embodiments,either the magnetic stripe 32(n) or the contactless element 32(o) may bepresent in the portable consumer device 32″.

The payment processing network 26 may include data processingsubsystems, networks, and operations used to support and deliverauthorization services, exception file services, and clearing andsettlement services. An exemplary payment processing network may includeVisaNet™. Payment processing networks such as VisaNet™ are able toprocess credit card transactions, debit card transactions, and othertypes of commercial transactions. VisaNet™, in particular, includes aVIP system (Visa Integrated Payments system) which processesauthorization requests and a Base II system which performs clearing andsettlement services.

The payment processing network 26 may include a server computer. Aserver computer is typically a powerful computer or cluster ofcomputers. For example, the server computer can be a large mainframe, aminicomputer cluster, or a group of servers functioning as a unit. Inone example, the server computer may be a database server coupled to aWeb server. The payment processing network 26 may use any suitable wiredor wireless network, including the Internet.

The issuer 28 may be a bank or other organization that may have anaccount associated with the consumer 30. The issuer 28 may operate aserver which may have a challenge question engine. A transaction historydatabase and a challenge question database may be in communication witha server of issuer 28. The issuer server, challenge question engine,transaction history database, and challenge question database mayoperate in the same way or a different way than the payment processingnetwork server 26(a), challenge question engine 26(a)-1, transactionhistory database 26(b), and challenge question database 26(c).

Embodiments of the invention are not limited to the above-describedembodiments. For example, although separate functional blocks are shownfor an issuer, payment processing network, and acquirer, some entitiesperform all or any suitable combination of these functions and may beincluded in embodiments of invention. Additional components may also beincluded in embodiments of the invention.

VII. Computer Apparatus

FIG. 11 shows typical components or subsystems of a computer apparatus.Such components or any subset of such components may be present invarious components shown in FIG. 1, including the access device 34,server computers 26(a), 28(a), etc. The subsystems shown in FIG. 11 areinterconnected via a system bus 1175. Additional subsystems such as aprinter 1174, keyboard 1178, fixed disk 1179, monitor 1176, which iscoupled to display adapter 1182, and others are shown. Peripherals andinput/output (I/O) devices, which couple to I/O controller 1171, can beconnected to the computer system by any number of means known in theart, such as serial port 1177. For example, serial port 1177 or externalinterface 1181 can be used to connect the computer apparatus to a widearea network such as the Internet, a mouse input device, or a scanner.The interconnection via system bus 1175 allows the central processor1173 to communicate with each subsystem and to control the execution ofinstructions from system memory 1172 or the fixed disk 1179, as well asthe exchange of information between subsystems. The system memory 1172and/or the fixed disk 1179 may embody a computer readable medium.

Embodiments of the invention provide for a number of advantages. Forexample, the number of entities that know a credit card number can bekept at a minimum. Also, the amount of changes that a merchant needs toperform are minimal, such as simply placing one or more IFrames into acheckout page. Also, transaction information, such as device info,amount of the transaction, and the subject items of the transaction canbe provided to the network 26, so that the network 26 can, for example,get a head start on a risk analysis and also to determine whether or notto present challenge questions. The challenge questions can also be morecomplex since an authorization request need not sent until after thechallenge questions have been answered and no more questions are deemednecessary.

The specific details of the specific aspects of the present inventionmay be combined in any suitable manner without departing from the spiritand scope of embodiments of the invention. However, other embodiments ofthe invention may be directed to specific embodiments relating to eachindividual aspects, or specific combinations of these individualaspects.

It should be understood that the present invention as described abovecan be implemented in the form of control logic using computer softwarein a modular or integrated manner. Based on the disclosure and teachingsprovided herein, a person of ordinary skill in the art will know andappreciate other ways and/or methods to implement the present inventionusing hardware and a combination of hardware and software

Any of the software components or functions described in thisapplication, may be implemented as software code to be executed by aprocessor using any suitable computer language such as, for example,Java, C++ or Perl using, for example, conventional or object-orientedtechniques. Computer programs incorporating features of the presentinvention may be encoded on various computer readable media for storageand/or transmission; suitable media include magnetic disk or tape,optical storage media such as compact disk (CD) or DVD (digitalversatile disk), flash memory, and the like. The computer readablemedium may be any combination of such storage or transmission devices.

Such programs may also be encoded and transmitted using carrier signalsadapted for transmission via wired, optical, and/or wireless networksconforming to a variety of protocols, including the Internet. As such, acomputer readable medium according to an embodiment of the presentinvention may be created using a data signal encoded with such programs.Computer readable media encoded with the program code may be packagedwith a compatible device or provided separately from other devices(e.g., via Internet download). Any such computer readable medium mayreside on or within a single computer program product (e.g. a hard driveor an entire computer system), and may be present on or within differentcomputer program products within a system or network.

The above description is illustrative and is not restrictive. Manyvariations of the invention will become apparent to those skilled in theart upon review of the disclosure. The scope of the invention should,therefore, be determined not with reference to the above description,but instead should be determined with reference to the pending claimsalong with their full scope or equivalents.

A recitation of “a”, “an” or “the” is intended to mean “one or more”unless specifically indicated to the contrary.

All patents, patent applications, publications, and descriptionsmentioned above are herein incorporated by reference in their entiretyfor all purposes. None is admitted to be prior art.

1. A method for authorizing a transaction between a consumer and amerchant, the method comprising: receiving, at a server of anon-merchant entity, a consumer message from an access device used bythe consumer, wherein the consumer message includes account informationof an account of the consumer to be used for the transaction; subsequentto receiving the consumer message, sending, to the consumer from thenon-merchant server, a challenge question; receiving, at thenon-merchant server from the consumer, a challenge answer to thechallenge question; and sending, to a merchant server from thenon-merchant server, a funding message.
 2. The method of claim 1,further comprising repeating sending at least one challenge question andreceiving at least one challenge answer.
 3. The method of claim 1,wherein the challenge question is sent to a consumer device that is notthe access device.
 4. The method of claim 3, wherein the consumer deviceis a mobile phone of the consumer and the access device is a point ofsale terminal at a retail location associated with the merchant.
 5. Themethod of claim 1, further comprising: prior to sending theauthorization request to the issuer of the account, sending a challengequestion to the consumer.
 6. The method of claim 1, further comprisingdetermining whether to send a challenge question to the user based oninformation collected from a client device of the user.
 7. The method ofclaim 1 further comprising: receiving transaction information about atleast one of an access device being used by a consumer to initiate thetransaction, an amount of the transaction, and one or more items to bepurchased in the transaction; and determining a challenge question basedon the transaction information.
 8. The method of claim 1, furthercomprising: after receiving the consumer message, selecting, by thenon-merchant server, the challenge question to send to the consumer. 9.The method of claim 1, wherein the consumer message is received at thenon-merchant server directly from the access device.
 10. A system forauthorizing a transaction between a consumer and a merchant, the systemcomprising: a server having an external interface for receiving aconsumer message from an access device used by the consumer, wherein theconsumer message includes account information of an account of theconsumer to be used for the transaction, and wherein the server isassociated with a non-merchant entity; one or more processors; and oneor more memory devices containing instructions for directing the one ormore processors to: send, to the consumer from the non-merchant server,a challenge question, wherein the challenge question is sent subsequentto receiving the consumer message at the non-merchant server; receive,at the non-merchant server from the consumer, a challenge answer to thechallenge question; and send, to a merchant server from the non-merchantserver, a funding message.
 11. A method for authorizing a transactionbetween a consumer and a merchant, the method comprising: prior to theconsumer submitting account information of an account of the consumer tobe used for the transaction, receiving, at a server of a non-merchantentity, transaction information; initiating, at the non-merchant server,a risk analysis using the received transaction information; andcalculating a first risk score based on the risk analysis.
 12. Themethod of claim 11, further comprising determining whether to deny thetransaction based on the first risk score.
 13. The method of claim 11,further comprising determining whether to send at least one challengequestion to the consumer based on the first risk score.
 14. The methodof claim 11, further comprising: receiving, at the non-merchant server,a consumer message directly from an access device used by the consumer,wherein the consumer message includes account information of an accountof the consumer to be used for the transaction, wherein receiving theconsumer message results from the consumer submitting the accountinformation.
 15. The method of claim 11, wherein the transactioninformation includes information about at least one of: an access devicebeing used by a consumer to initiate the transaction; an amount of thetransaction; and one or more items to be purchased in the transaction.16. The method of claim 15, wherein at least a portion of thetransaction information is received from the access device and includesinformation about the access device, and wherein the information aboutthe access device includes at least one of a geographical location ofthe access device, an operating system of the access device, and aprocessor type of the access device.
 17. The method of claim 16, whereinall of the transaction information is received from the access device.18. The method of claim 15, wherein at least a portion of thetransaction information is received from the merchant and includesinformation about the amount of the transaction.
 19. The method of claim11, wherein the third party is an issuer and the account information iscontained within an authorization request to the issuer.
 20. A systemfor authorizing a transaction between a consumer and a merchant, thesystem comprising: a server having an external interface, wherein theserver is associated with a non-merchant entity; one or more processors;and one or more memory devices containing instructions for directing theone or more processors to: prior to the consumer submitting accountinformation of an account of the consumer to be used for thetransaction, receive, at the external interface, transactioninformation; initiate a risk analysis using the received transactioninformation; and calculating a first risk score based on the riskanalysis.
 21. A method for conducting a transaction between a consumerand a merchant, the method comprising: receiving, at a server of themerchant from an access device used by the consumer, a checkout requestto initiate a transaction; providing, from the merchant server to theaccess device, a first code for displaying an application page, whereinthe first code sends information about the access device to a server notoperated by the merchant; and receiving, at the merchant server from thenon-merchant server, a response message regarding the transaction. 22.The method of claim 21, wherein the application page contains aplurality of payment mechanism options for the transaction, wherein afirst subset of the payment mechanism options includes one or more firstpayment mechanisms, and wherein the first code sends the informationabout the access device in response to one of the first paymentmechanisms being selected by the consumer.
 23. A system for conducting atransaction between a consumer and a merchant, the system comprising: aserver having an external interface, wherein the server is associatedwith the merchant; one or more processors; and one or more memorydevices containing instructions for directing the one or more processorsto: receive, at the external interface from an access device used by theconsumer, a checkout request to initiate a transaction; provide, fromthe merchant server to the access device, a first code for displaying anapplication page, wherein the first code sends information about theaccess device to a server not operated by the merchant; and receive, atthe merchant server from the non-merchant server, a response messageregarding the transaction.
 24. A method for requesting authorization ofa transaction between a consumer and a merchant, the method comprising:initiating, by the consumer, a transaction involving the merchant;sending, to a server of a non-merchant entity, a consumer messagedirectly from an access device used by the consumer, wherein theconsumer message includes account information of an account of theconsumer to be used for the transaction; subsequent to sending theconsumer message, receiving, by the consumer from the non-merchantserver, a challenge question; sending, to the non-merchant server by theconsumer, a challenge answer to the challenge question; and receiving aresponse message including status information about the transaction. 25.The method of claim 24, wherein the challenge question is received at aconsumer device that is not the access device.
 26. The method of claim25, wherein the consumer device is a mobile phone of the consumer andthe access device is a point of sale terminal at a retail locationassociated with the merchant.
 27. The method of claim 24, wherein theresponse message is a receipt confirming an authorization of thetransaction.
 28. The method of claim 27, wherein the receipt is receivedfrom the merchant.
 29. A system for requesting authorization of atransaction between a consumer and a merchant, the system comprising: anexternal interface operable to connect to a merchant server, wherein theconnection allows a consumer to initiate a transaction involving themerchant; one or more processors; and one or more memory devicescontaining instructions for directing the one or more processors to:send, to a server of a non-merchant entity, a consumer message directlyfrom the external interface, wherein the consumer message includesaccount information of an account of the consumer to be used for thetransaction; subsequent to sending the consumer message, receive, fromthe non-merchant server, a challenge question; send, to the non-merchantserver, a challenge answer to the challenge question in response to acommand from the consumer; and receive a response message includingstatus information about the transaction.
 30. A method for requestingauthorization of a transaction between a consumer and a merchant, themethod comprising: providing, to a server of the merchant by theconsumer, a checkout request to initiate a transaction; receiving, fromthe merchant server by an access device used by the consumer, a firstcode for displaying an application page, wherein the first code sendsinformation about the access device to a server not operated by themerchant; sending the information about the access device to thenon-merchant server; subsequent to sending the access deviceinformation, sending a consumer message including account information ofan account of the consumer to be used for the transaction; and receivinga response message including status information about the transaction.31. The method of claim 30, wherein the consumer message is sentdirectly from an access device to the non-merchant server.
 32. A systemfor requesting authorization of a transaction between a consumer and amerchant, the system comprising: an external interface operable toconnect to a merchant server, wherein the connection allows a consumerto provide, to the merchant server, a checkout request to initiate atransaction; one or more processors; and one or more memory devicescontaining instructions for directing the one or more processors to:send information about the system to a server not operated by themerchant; subsequent to sending the system information, send a consumermessage in response to a command from the consumer, the consumer messageincluding account information of an account of the consumer to be usedfor the transaction; and receive a response message including statusinformation about the transaction.